tigervnc/patches/tigervnc-1.0.90-CVE-2011-1775.patch

Index: common/rfb/CSecurityTLS.cxx
===================================================================
--- common/rfb/CSecurityTLS.cxx	(revision 4399)
+++ common/rfb/CSecurityTLS.cxx	(revision 4400)
@@ -171,8 +171,15 @@
     if (!is->checkNoWait(1))
       return false;
 
-    if (is->readU8() == 0)
-      return true;
+    if (is->readU8() == 0) {
+      rdr::U32 result = is->readU32();
+      CharArray reason;
+      if (result == secResultFailed || result == secResultTooMany)
+        reason.buf = is->readString();
+      else
+        reason.buf = strDup("Authentication failure (protocol error)");
+      throw AuthFailureException(reason.buf);
+    }
 
     if (gnutls_init(&session, GNUTLS_CLIENT) != GNUTLS_E_SUCCESS)
       throw AuthFailureException("gnutls_init failed");
1	Index: common/rfb/CSecurityTLS.cxx
2	===================================================================
3	--- common/rfb/CSecurityTLS.cxx (revision 4399)
4	+++ common/rfb/CSecurityTLS.cxx (revision 4400)
5	@@ -171,8 +171,15 @@
6	if (!is->checkNoWait(1))
7	return false;
8
9	- if (is->readU8() == 0)
10	- return true;
11	+ if (is->readU8() == 0) {
12	+ rdr::U32 result = is->readU32();
13	+ CharArray reason;
14	+ if (result == secResultFailed \|\| result == secResultTooMany)
15	+ reason.buf = is->readString();
16	+ else
17	+ reason.buf = strDup("Authentication failure (protocol error)");
18	+ throw AuthFailureException(reason.buf);
19	+ }
20
21	if (gnutls_init(&session, GNUTLS_CLIENT) != GNUTLS_E_SUCCESS)
22	throw AuthFailureException("gnutls_init failed");